Privacy Policy

iSoftGlass is a SaaS platform dedicated to the glass industry, providing software solutions for managing quotes, production and daily operations for glass processors and installers across Europe.

The data controller is the company operating the iSoftGlass platform, registered in Romania. For any request related to your personal data, contact us at contact@isoftglass.com.

Data you provide directly:

• Full name
• Email address
• Phone number
• Company name and tax identification number
• Job title / role within the company
• Messages sent via the contact form or WhatsApp
• Data entered into the application (clients, orders, products, stock, production data)

Data collected automatically:

• IP address
• Browser type and operating system
• Pages visited and session duration
• Application usage data (actions taken, features accessed)
• Cookies and similar tracking technologies

We process your personal data under the following legal bases pursuant to GDPR (EU Regulation 2016/679):

• Performance of a contract (Art. 6(1)(b)) — to provide, manage and improve the iSoftGlass service for active account holders
• Legitimate interest (Art. 6(1)(f)) — to prevent fraud, maintain platform security, analyze product usage and continuously improve our services
• Consent (Art. 6(1)(a)) — to send newsletters, marketing communications and to place non-essential cookies
• Legal obligation (Art. 6(1)(c)) — to comply with tax, accounting and legal requirements applicable in Romania and the EU

Processing purposes include:

• Creating and managing user accounts
• Providing access to the application and its features
• Technical support and customer assistance
• Scheduling and conducting product demonstrations
• Invoicing and contract management
• Sending updates, new feature announcements or offers (with your consent)
• Anonymous statistical analysis of platform usage

• Active account data — for the duration of the contract and up to 3 years after termination, for accounting and legal purposes
• Contact data (demo requests, forms) — up to 2 years from the last interaction
• Billing data — 10 years in accordance with Romanian tax legislation
• Analytics data (cookies, sessions) — up to 13 months
• Marketing data (with consent) — until consent is withdrawn or 3 years from the last interaction

Upon expiry of the retention period, data is permanently deleted or irreversibly anonymized.

We do not sell your personal data. We may share data with third parties only in the following circumstances:

• Service providers (data processors) — hosting services (e.g. AWS, Google Cloud), analytics tools (e.g. Google Analytics 4), transactional email services — all bound contractually through a Data Processing Agreement (DPA)
• Competent authorities — when legally required (e.g. tax authorities, courts of law)
• Implementation or support partners — exclusively under implementation or technical support contracts, with confidentiality obligations

All data transfers are carried out with appropriate protection safeguards as required by GDPR.

Under the General Data Protection Regulation (GDPR), you have the following rights:

• Right of access (Art. 15) — you may request a copy of the personal data we hold about you
• Right to rectification (Art. 16) — you may request correction of inaccurate or incomplete data
• Right to erasure / „right to be forgotten” (Art. 17) — you may request deletion of your data, subject to legal conditions
• Right to restriction of processing (Art. 18) — you may request that we limit the use of your data
• Right to data portability (Art. 20) — you may receive your data in a structured, machine-readable format
• Right to object (Art. 21) — you may object to processing for direct marketing or on the basis of legitimate interest
• Right to withdraw consent — at any time, without affecting the lawfulness of prior processing

We implement appropriate technical and organizational measures to protect your data, including:

• HTTPS/TLS encryption for all communications
• Encrypted data storage in the database
• Secure authentication with hashed passwords
• Role-based access control (RBAC)
• Regular backups and continuous monitoring
• Periodic security audits

However, no internet data transmission can be guaranteed as 100% secure. If you identify a security vulnerability, please notify us immediately at contact@isoftglass.com.

We use cookies and similar technologies on our website and application. For full details, see our Cookie Policy.

In brief, we use:

• Strictly necessary cookies — essential for site operation and application authentication (no consent required)
• Analytics cookies — Google Analytics 4, to understand how the platform is used (consent required)
• Preference cookies — saving your selected language and display settings

Some service providers we use may process data outside the European Economic Area (EEA). When such a transfer occurs, we ensure adequate safeguards are in place, such as:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Compliance certifications (e.g. EU-US Data Privacy Framework)
• European Commission adequacy decisions

We may update this policy periodically to reflect changes to our service, legislation or data processing practices. Any significant changes will be communicated by email or via a prominent notice on the website at least 14 days before taking effect.

The date of the last update is indicated at the top of this document. Continued use of our services after the effective date constitutes acceptance of the updated policy.

For any question, request or complaint regarding your personal data, please reach out to us: